Sign in as anyone: Bypassing SAML SSO authentication with parser differentials

github.blog

Sign in as anyone: Bypassing SAML SSO authentication with parser differentials

github.blog

RSS Bot@lemmy.bestiver.seMB to Hacker News@lemmy.bestiver.seEnglish · vor 9 Monaten

Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.

Comments

You must log in or # to comment.

Chat

Hacker News@lemmy.bestiver.se

hackernews@lemmy.bestiver.se

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !hackernews@lemmy.bestiver.se

Community locked: only moderators can create posts. You can still comment on posts.

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

282 users / day
1.61K users / week
3.77K users / month
9.34K users / 6 months
40 local subscribers
3.27K subscribers
32.3K Posts
16.8K Comments
Modlog